1. Field of the Invention
This invention relates to a biometrics authentication method, media for individual authentication, and a biometrics authentication device, for authenticate an individual by utilizing biometrics characteristics which are a portion of the human body, and in particular relates to a biometrics authentication method, media for individual authentication, and a biometrics authentication device which are suitable for use in individual authentication by verifying registered biometrics data sets against a detected biometrics data set.
2. Description of the Related Art
Among individual authentication techniques of recent years, biometrics authentication technology has attracted attention. There are numerous portions of the human body which can be used to differentiate the individual, such as fingerprints and toe-prints, the retinas of the eyes, facial features, and blood vessels; in such methods, biometrics characteristics of such portions of the human body are identified to perform individual authentication.
For example, comparatively large amounts of individual characteristic data are obtained from blood vessels in the fingers, palms, and backs of the hands. Moreover, blood vessel (vein) patterns remain unchanged throughout life from infancy and are regarded as being completely unique, and so are well-suited to individual authentication.
In such biometrics authentication, first a portion of the biometrics characteristics of the user himself is detected by a detection apparatus, and the detected biometrics data is registered on a card or on a server. Next, in order to perform individual authentication, a portion of the biometrics characteristics of the user is detected by a detection apparatus, the detected biometrics data is verified against the registered biometrics data, and individual authentication is performed based on degree of similarity.
If such biometrics data is registered and stored in one location, then should the data be leaked to an outside party, there is the possibility that the entirety of the biometrics data may be copied or that some forgery or similar may occur, resulting in illicit use. Hence a distributed storage method has been proposed, in which the biometrics data is divided and the divided portions are stored on different media.
For example, a method in which the biometrics information for a registered person is divided, each divided information portion is stored on a card and in an authentication device, and at the time of verification the divided data is read and combined, to obtain the registered biometrics data (see for example, Japanese Patent Laid-open No. 2001-067137 and Japanese Patent Laid-open No. 2002-351843), as well as a method in which each of the divided portions of biometrics information for a registered person is stored in an authentication management center and in a user terminal, and at the time of verification the divided data is read and combined, to obtain the registered biometrics data (see for example, Japanese Patent Laid-open No. 2005-122478), have been proposed.
When biometrics data is divided in this way, a key to relate the divided data is necessary. That is, a key is used to associate and to combine divided data, to reproduce the registered data at the time of verification. In the proposals of the prior art described above, an encrypted identifying number (for example, an ID number, password number or similar) of the registered person is used as the key.
However, even if the identifying number in the technology of the prior art is encrypted, the number can be decrypted. If the identifying number is decrypted, even when data has been divided in order to prevent illicit use of the entirety of the biometrics data, the corresponding divided data can easily be retrieved and combined, to reproduce the entirety of the biometrics data.
Moreover, biometrics data is individual information, and so illicit access and of course such illicit acquisition must of course be prevented. For this reason there are concerns that the security of biometrics authentication devices used by individuals may be compromised, impeding the spread of such devices; and so further measures are necessary to enable the effective use of biometrics authentication.